
TREsPASS Book 3: Creative Engagements


TREsPASS Exploring Risk

TREsPASS Book 3: Creative Engagements

Series Editor: Lizzie Coles-Kemp

Editor: Peter Hall

Image Curator: Claude Heath

Design: Giles Lane | proboscis.org.uk

Published by Royal Holloway University of London

© RHUL & individual contributors 2016


Paper Prototyping

Paper prototyping is a research method in which a paper version of a digital interface is created and a participant group is invited to engage with the prototype, simulating the way in which users would interact with a digital version of the interface. This method can be used to gain insights into the usability of the interface, user attitudes and expectations, which can then be translated into designs for digital prototypes.

In TREsPASS we have built paper versions of the risk analysis tools that incorporate the different visual approaches that we have used. Our paper prototyping kits enabled participants to use colour, icons, line thickness and shape to articulate different aspects of cyber security risk.

During the TREsPASS project four main paper prototyping sessions have been undertaken: two sessions took place in Australia, one session in Brussels and one in the UK. We used paper prototyping to bring together about 50 security practitioners at an event in Brussels and ran eight paper prototyping sessions in tandem. Each session examined the possible routes an attacker might take to gain access to a computing resource.

We also used paper prototyping as part of teaching to communicate information security risk assessment concepts to both undergraduates and postgraduates as part of Edith Cowan University’s security courses in Perth, Western Australia. These sessions were successful in communicating some of the more abstract risk concepts as well as providing valuable feedback on the effectiveness of colour and line thickness to communicate particular risk attributes.


Made with bookleteer.com from proboscis

Introduction

In this book we examine the role that creative security engagements have played in the TREsPASS project. These engagements are part of a wider creative securities approach that explores the contributions that social practices make to protection of data and information.

Our most popular creative security engagement was the participative modelling of risk scenarios in LEGO. Over 300 participants worked with our creative engagement tools and artefacts over the life-time of the project. These creative engagements were designed to bring together stakeholders from different backgrounds to form a collective picture about the information risks in a particular service scenario.

One participant summarised the value of the LEGO engagement in this way: “The best thing about this is that normally we have to try to somehow keep all of this in mind, whereas this [process] allows us to see it all at once”

As the TREsPASS project progressed we refined our creative security engagements to enable participants to focus on the interactions and relationships within a particular scenario and examine them from different perspectives.

This book represents our approach to creative engagements and gives examples of where we have used this approach to positive effect.

Lizzie Coles-Kemp, Information Security Group, Royal Holloway University of London


Contents

Introduction

What Are Creative Security Engagements?

The Principle of Participation

Physical Modelling

Paper Prototyping

The Importance of Interdisciplinary Dialogue

A Programme of Creative Security Engagements

A Manifesto for Change


Lizzie Coles-Kemp

2016-10-31. © RHUL & contributors 2016. Published by Royal Holloway University of London. TREsPASS Exploring Risk: Book 3


Creative security engagements enable security researchers and practitioners to engage with communities that typically are excluded from technical or abstract discussions about security and risk.

What Are Creative Security Engagements?

Scientists, designers and security practitioners are seeking to understand the wider picture of security as a matter of some urgency in order to address some of the more challenging issues related to cyber security. A family of highly creative security research and practices offers the possibility of visualising some of these challenges and bringing into focus relationships between different forms of security. Creative security engagements are participatory in nature and are designed to bring together stakeholders from different communities. In such engagements the researcher adopts the role of facilitator and engagement designer rather than data gatherer and experiment designer. Creative security engagements are designed to explore a community’s own security-making practices, eliciting the securities at work, and to visualise the potential contributions of new technologies, practices or services in that space. The open-ended nature of creative security engagements deliberately encourages a wide range of security considerations to emerge and encourages broad and creative thinking to address the question of “What is security?” in a given context. Design is central to these engagements, from the exploration of security technologies in use, to the conduct of research and the design of new technologies, methods and services and the nurturing of resilient and collaborative social practices.

In TREsPASS creative security engagements have been central to our efforts to better understand the social dimensions of cyber security risk. We have used a range of creative security engagements, from paper prototyping to LEGO modelling and storytelling with avatars. LEGO modelling has been our most successful creative security engagement


A Manifesto for Change

The use of creative engagements as a part of risk thinking is designed to provoke and encourage discussion between people bound together within a particular situation. Creative engagements are intended to help people reflect on and make sense of a particular situation and the potential for risks within that situation. The creative security engagements that we have conducted during the TREsPASS project have shown that differing degrees of trust and solidarity within an organisation can lead to contrasting perceptions of security, and the values associated with it. These relationships are very difficult to visualise (let alone quantify) unless the input of stakeholders is explicitly sought through an active participation in the risk assessment process.

Central to all the creative security engagements that we have designed and run is the principle of participation. A participatory process insists on continuous iteration within the information-visualisation process. It is ideally suited to the gathering of contrasting interpretations of a scenario, in effect brainstorming the full range of positive and negative implications of each facet of a scenario. Furthermore, in the post-analysis of this data, there are inevitable difficulties concerning how to represent time and change in relation to vulnerabilities. The participatory process is also well suited to this issue, addressing it by insisting that the process remains recursive. Maintaining this tack enables a security analyst to take account of the multiple perspectives of several actors and the nature of their relationships.

The image on the opposite page summarises some of the reflections on the principles for cyber security risk assessment from the TREsPASS Summer School participants. In order to enact many of these principles, a transformation in the way we develop and discuss our understandings of cyber security risk is needed. Central to this transformation is the use of participatory and iterative information-visualisation processes that help people to reflect upon and understand the risk situations in which they are enmeshed.

Sketchnote by Miriam Sturdee


LEGO modelling forms part of our creative securities offering from the TREsPASS project. A form of physical modelling, this approach has enabled participants to brainstorm scenarios and, at speed, identify key information security risks within that scenario, linking such risks to the communities at work within those scenarios.

The Principle of Participation

The principle of participation is key to TREsPASS engagements. Devising engagements that actively include and consult with participants is essential for the gathering of good quality data about cyber security risk. The aim has been to purposely extend the concept of visualisation to mapping in order to accommodate participatory methods used to gather research on perceptions of risk and practices of information exchange within particular communities of service and technology users. The results from these sessions can be successfully incorporated into information security risk assessment methodologies.

We have used physical modelling (particularly with LEGO) and paper prototyping as the main participatory methods in the TREsPASS project. Using these participatory methods, in the first instance an abstracted version of the representation can be constructed that makes reference to core organisational goals and alignments of values. This then results in a visualisation of a clustering of the elements into different communities of practice that use a service or in other ways share information with each other. For example, a LEGO model made from this process can be visually analysed and the data about social practices emerging from this can be transformed into a variety of appropriate formal formats that can be used by more traditional information security risk assessment tools.

Visualisation of communities of practice overlaid with a heat map of security vulnerabilities as perceived by the communities themselves.

A Programme of Creative Security Engagements

During the TREsPASS project we ran over 20 creative security engagements and, in total, engaged with about 300 participants. We worked with a wide range of stakeholder groups including security practitioners, service providers and designers, central and local government policy makers, community workers and members of the public. We have also worked in a wide range of risk scenarios ranging from financial services, community payment systems, welfare provision and supply chains to the Internet of Things.

An example of a creative security engagement workshop was one that we carried out at the Pallion Action Group (PAG) in Sunderland in June 2015. PAG is a proactive community centre which acts as a valuable source of information for community members. PAG is able to signpost citizens to specialist providers of advice, resources, and assistance where this is needed. PAG is a trusted gatekeeper both to and from the local community and provides support for citizens needing to use online government services. The workshop we provided was designed for business newcomers to bring their ideas for start-ups, in order to more systematically think through their proposed enterprises in a safe and supportive environment, such that their early-stage ventures do not stumble upon key aspects of data management and cyber security. Using creative security practices we were able to facilitate discussions about cyber security risk as part of the initial business design discussion.

During the TREsPASS project we also conducted a number of creative security engagements in Australia. One example was a workshop that we ran at the International Association of Societies of Design Research conference that took place in November 2015 in Brisbane, Australia. The participants for this workshop were drawn from communities of practice interested in understanding the broader concept of secure places. These communities included: civic administrators, security practitioners (security managers, auditors, security designers and risk managers), service designers, urban planners, artists, data-visualisation practitioners, social and computer scientists, and digital humanities scholars. Using creative security practices we were able to bring together a broad range of stakeholders to discuss cyber security risk and encourage cross-disciplinary communication both between academia and practice and between academic disciplines.

Creative security engagements can be adapted for use in many different types of space.

Physical Modelling

A specially developed form of participatory diagramming and physical modelling has been deployed in TREsPASS. The focus is to help participants brainstorm and visualise networks of trust and solidarity that are used to help protect the flow of information within the workplace. The modelling approach places social data gathered directly from case-study participants at centre-stage. This has the effect of broadening the traditional process of information risk assessment, accessing social data as a starting point for identifying and then scoping the issues that are of paramount interest to the stakeholders. The LEGO modelling process uses the following steps to brainstorm risk scenarios:

1. A context or scenario for information sharing and protection is agreed with a participant group.

2. Participants identify their core values and the basis on which they share and protect information.

3. Participants are given LEGO building bricks of given types and colours, selected so as to encode the movement of shared information and data, actors, and devices.

4. Participants collaboratively model the chosen context or scenario in LEGO bricks and, during this collaborative process, discuss the types of information generation and flows that occur within this space.

5. Participants identify information sharing and protection narratives relevant to the context.


The Importance of Interdisciplinary Dialogue

We have used creative security engagements in a variety of ways within the TREsPASS project, including: to help communities construct knowledge about the cyber security risks in their environment; to produce requirements for risk apps; and to stimulate interdisciplinary discussion.

Interdisciplinary discussion is essential to the development of effective cyber security risk assessment techniques. In particular, interdisciplinary discussions with the social sciences and humanities are essential if we are to gain a wider understanding of the cyber security terrain. For example, in the context of cyber security, security is usually understood with negative connotations (protection from harms) synonymous with technological protections and administrative procedures for the protection of assets. However, this is only part of the security story as interdisciplinary discussions with social scientists, arts and humanities scholars reveal. From a broader perspective, kinship and friendship networks and an agreement on values to be protected are as important in the protection of cyber security services as are technologies and procedures. In this sense, security is both emancipatory and protective. Societies infused with digital technology are producers, curators and consumers of both kinds of security. When we investigate cyber security risk concepts such as “control strength” and “attacker profiles” we need to understand the social context of the production, circulation and curation of information as much as we do the technological design of the mechanisms that support these activities. In order to build this wider understanding, theories of cyber security risk need to draw on knowledge from the social sciences and humanities, including: sociology, geography, politics and international relations, history, law, psychology and economics.

TREsPASS recognised the importance of interdisciplinary interaction and discussion and devised a programme of interdisciplinary engagement. For example, the 2016 TREsPASS Summer School sought to bring together notable speakers from a number of disciplines that hitherto have not had a major presence in the cyber security risk discourse: namely sociology, geography and law. Speakers from these disciplines together with speakers from the disciplines of psychology and computer science formed a speaker programme designed to engage postgraduates in studying cyber security. The content of these talks is presented in the Summer School book of this series.

In order to help the participants make sense of the content of the academic talks in the Summer School programme, creative security workshops were included as part of the afternoon programme. The workshops worked with the theme of cyber security risks in smart homes. In the first session groups were encouraged to brainstorm the scenario with their creative security method of choice. In the second session each group identified the clusters of communities of practice within their scenario and used the visualisations from the creative security methods as input to the risk assessment analysis. The knowledge gathered from the Summer School’s academic talks programme was used to broaden the analysis and to deepen the understanding of the social aspects of risk.

Creative security engagements offer the opportunity for multiple forms of analysis to take place in parallel.


LEGO model re-configured to reflect the communities of practice at work within the scenario depicted in LEGO. Each community of practice reflects shared goals, values and trust relationships. Such a visualisation helps a security analyst to identify where information is shared and community attitudes towards information protection.
